Bug 788

Summary: request for zlib.h configure test
Product: Portable OpenSSH Reporter: Jim Basney <jbasney>
Component: Build systemAssignee: OpenSSH Bugzilla mailing list <openssh-bugs>
Status: CLOSED FIXED    
Severity: enhancement Keywords: patch
Priority: P2    
Version: -current   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 793    
Attachments:
Description Flags
proposed patch to configure.ac
none
Add test for zlib >= 1.1.4 djm: ok+

Description Jim Basney 2004-01-15 09:25:20 AEDT 
I see a configure test for the presence of zlib.h was removed from configure.in 
in the following revision.

----------------------------
revision 1.317
date: 2001/10/24 05:36:55;  author: tim;  state: Exp;  lines: +10 -10

[configure.in] Fix test for broken dirname. Based on patch from
Dave Dykstra <dwd@bell-labs.com>. Remove un-needed test for zlib.h.
[contrib/caldera/openssh.spec, contrib/redhat/openssh.spec,
contrib/suse/openssh.spec] Update version to match version.h
----------------------------

However, I find that some systems such as an AIX 5.2 system I'm using 
have /usr/lib/libz.a but no /usr/include/zlib.h (a broken setup, I agree).  I 
see a report at http://marc.theaimsgroup.com/?l=openssh-unix-
dev&m=106627358830467&w=2 that Compaq Tru64 UNIX has a similar setup.  Building 
OpenSSH on these systems results in a successful configure but a failed compile 
due to the missing zlib.h.  Could the zlib.h check be put back in to 
configure.ac to catch this problem earlier?  I think it might cut down on user 
confusion.
Comment 1 Jim Basney 2004-01-15 09:27:04 AEDT 
Created attachment 528 [details]
proposed patch to configure.ac
Comment 2 Darren Tucker 2004-01-15 10:44:21 AEDT 
Created attachment 529 [details]
Add test for zlib >= 1.1.4

Seems reasonable, as long as there was no other reason for for the original
change.

While we're at it I think we should add a test for zlib >= 1.1.4 (since earlier
versions have security problems it has been documented as a requirement for a
while but not enforced).
Comment 3 Damien Miller 2004-01-22 22:32:39 AEDT 
Comment on attachment 529 [details]
Add test for zlib >= 1.1.4

ok by me - we may be yelled at by distributors who patch zlib without cranking
the version, but if they are willing to patch zlib then they should be willing
to patch openssh too :)
Comment 4 Darren Tucker 2004-01-22 23:23:34 AEDT 
OK, done, thanks.  zlib 1.1.4 has been out for nearly 2 years, and if a given
vendor is backporting zlib fixes, shouldn't they also be backporting openssh
fixes anyway...
Comment 5 Damien Miller 2004-04-14 12:24:20 AEST 
Mass change of RESOLVED bugs to CLOSED